CVE-2022-3358

Name of the Vulnerable Software and Affected Versions OpenSSL versions 3.0.0 through 3.0.5

Description The issue arises from the incorrect handling of legacy custom ciphers in OpenSSL versions 3.0.0 to 3.0.5. When an application uses the deprecated EVP CIPHER meth new() function with NID undef, the OpenSSL encryption/decryption initialisation function may match the NULL cipher as equivalent and fetch it from available providers. This results in the plaintext being emitted as the ciphertext. Applications are only affected if they call EVP CIPHER meth new() using NID undef and subsequently use it in a call to an encryption/decryption initialisation function, such as EVP EncryptInit ex2(), EVP DecryptInit ex2(), or EVP CipherInit ex2(). Applications that only use SSL/TLS are not impacted.

Recommendations For OpenSSL versions 3.0.0 through 3.0.5, update to version 3.0.6 to resolve the issue. As a temporary workaround, consider avoiding the use of EVP CIPHER meth new() with NID undef and instead use the new provider mechanism to implement custom ciphers. Restrict access to the vulnerable encryption/decryption initialisation functions to minimize the risk of exploitation.